RLD INTELLECTUAL PROPERTY OROANIZA' 
International Bureau 




PCT 

INTERNATIONAL APPLICATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT) 



(51) International Patent Classificati n 6 : 

H04L 9/32, G06F 17/30, H04K 1/00 



Al 



(11) Internati nal Publicati n Number: WO 98/17029 

(43) International Publication Date: 23 April 1998 (23.04.98) 



(21) International Application Number: PCT/SE97/01713 

(22) International Filing Date: 14 October 1997 (14.10.97) 



(30) Priority Data: 

9603825-2 



17 October 1996 (17.10.96) 



SE 



(71) Applicant: TELIA AB [SE/SE]; Marbackagatan 11, S-123 86 

Farsta (SE). 

(72) Inventors: SVENSSON, Claes; Folkungagatan 16 A, S-753 

36 Uppsala (SE). SVENSSON, Anders; Flogstavagen 41 B, 
S-752 73 Uppsala (SE). 

(74) Agent: MAYER, Till; Telia Research AB, Rudsjoterrassen 2, 
S-136 80 Haninge (SE). 



(81) Designated States: NO, European patent (AT, BE, CH, DE, 
DK, ES, FI, FR, GB, GR, IE, IT, LU, MC, NL, PT, SE> 



Published 

With international search report. 
Before the expiration of the time limit for amending the 
claims and to be republished in the event of the receipt of 
amendments. 



(54) Title: TRANSFER OF SIGNED AND ENCRYPTED INFORMATION 

(57) Abstract 

The invention relates to a device and a method at 
a telecommunications system and a data communications 
system which makes possible signing and encryption of 
the information which is transmitted between a transmitting 
and a receiving equipment in said system. The invention 
is briefly characterized in a software for signing and 
encryption by means of smart cards which are linked 
together with a software which can show text, data entry 
fields, buttons, etc. This program is utilized as a plug-in 
unit or a Java-unit in a WWW-browser. Before the 
information is shown to the user, or is transmitted from the 
user, encryption functions can be applied to the information. 
All internal communication related to the safety on the local 
PC will by that be needless, by all necessary information 
processing being performed in said plug-in unit. All extra 
steps in the signalling process is by that concealed from the 
user and intruders, if any. 
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TRANSFER OF SIGNED AND ENCRYPTED INFORMATION 

FIELD OF THE INVENTION 
5 The present invention relates to a device and a method 

at a telecommunications system or data communications 
system which makes possible signing and encryption of 
information which is transmitted between a transmitting 
equipment and a receiving equipment. 

10 

PRIOR ART 

The increased interest among the public in IT and 
especially Internet has resulted in that many companies och 
private persons want to carry on trade via Internet. 

15 The problem that will arise when someone wants to sell 

anything via Internet is how payment communication and 
trade communication shall be made in a reliable and to 
unauthorized persons uninterpretable way. 

Another situation of use where it is important with 

20 safe information transfer, where no unauthorized persons 
shall have possibility to acquaint themselves with the 
contents of transmitted information, is when certain 
persons/companies have authority to read certain programs 
or databases in a communications system (for instance 

25 Internet) . 

The problem above is solved by means of encryption of 
the information which is transmitted and verification of 
the identity of the users who are transmitting the 
information. The encryption and signing of today via 

30 Internet, however, is imperfect because there occur 

unneccessary communication of not encrypted information 
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between processors and servers before the information is 
encrypted. 

If one for instance today wants to sign and encrypt a 
document in Internet, where a web-server is run locally 
5 towards the client machine, the document is transmitted to 
the server where a CGI (Common Gateway Interface) -program 
performs signing/encryption. 

After that a newly made page is transmitted from the 
CGI-program to the Web-browser (Web-reader) where one. 
10 acknowledges the transmission of data from the machine. 

In order to find out whether the prior art describes 
encryption and signing via Internet, a preliminary 
investigation was made, at which the following documents 
were found: 

15 Document 1: EP,A1, 693 83 6 

2: EP,A2, 702 477 

3 : WO,Al, 96/05681 

4: WO,Al, 93/15581 

5: DE , Al , 44 14 553 
20 6: EP,A1, 696 121 (abstract + figure) 



Document 1 relates to a method and equipment for managing 
of code keys at transmission of encrypted information over 
Internet. See especially "Summary of the invention's 
25 "Application of the present Invention to Site Firewalls" 

(column 13, Figure 6-10) and "User Authentication" (column 
17) . 

Document 2 relates to a system for automatic encryption 
and decryption of data packets transmitted between "sites" 
30 on Internet or other data networks. See especially 
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"Abstract", "Description" (page 1) and "APPENDIX A" (page 
8) . 

Porpimpmt 3 describes a device and a method for 
indentif ication and authentication at establishing of 
5 connection to local data networks via for instance 
Internet. The document does not deal with encrypted 
transmission. See especially "Abstract" and Figure 1 and 3 
with belonging text . 

nnrnmpnt 4 describes a method, device and arrangements 
10 for encrypted transmission of information between 

interconnected networks, preferably by means of the 
protocol TCP/IP. See " Abstract" and Figure 1 and 2 with 
belonging text . 

Document 5 describes determination of authenticity of 
15 subscribers "equipment by means of TCP/IP. The document does 
not deal with encrypted transmission. 

The above found documents are, however, marred by the 
same problem as has been described above regarding 
encryption and signing of document via Internet. 

20 

SUMMARY OF THE INVENTION 

The aim of the present invention consequently is to 
clear away above mentioned problem and provide a very safe 
communication via an information carrying network such as, 

25 for instance, Internet. 

This aim is achieved by a device and method which is 
characterized in that a software for signing and encryption 
by means of smart cards or by means of software is linked 
together with a software which shows text, data entry 

30 f ie Ids, but tons . and lcpns.-fi.tc , which linked-up program is 
utilized as a plug- in unit or Java-unit in a browser, at 
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which all information to/from the user is 

decrypted/encrypted in said plug-in unit or said Java-unit. 

An advantage with this is that all internal 
communication regarding the security on the local PC by 
5 that becomes needlesss, because all necessary processing of 
information is made in the plug- in unit or Java-unit; 
supporting programs executing as a part of the browser. 

Another advantage is that all extra steps are concealed 
from the user and, if any, intruders. If delicate 
10 information shall be processed, then the Java- or plug- in 
unit program can encrypt everything that is going out, and 
decrypt everything that is coming in automatically. No text 
en clair will be transmitted between processes, not even on 
the local computer. 
15 { Because it is a "living" program that is executed in 

the browser, there is possibility to do so much more than 
in an ordinary HTML -form. 

The program also can communicate over the network in the 
background, for instance for monitoring processes. 

20 



BRIEF DESCRIPTION OF THE DRAWING 

In the following a more detailed description of the 
invention is given with reference to the only drawing. 
25 Figure 1 describes schematically the verification 

procedure in the telecommunications system according to the 
present invention. 

DETAILED DESCRIPTION OF AN EMBODIMENT OF THE INVENTION 
30 The aim with the present invention is, as has been 

mentioned above, to effect a way to sign documents or 
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corresponding information electronically and to transmit 
and receive encrypted information over an information 
carrying communication network such as, for instance, 
internet, and where said encryption respective signing 

5 shall be made by means of utilization of smart cards or by 
software which can cooperate with said network. 

The aim above all is to make possible to transmit 
messages with personal signatures over Internet. 

This of course can be used in a large number of 

10 different connections such as electronic banking, travel 

agencies, trade of different kinds or controlled access to 
databases which are made accessible via the network. 

In this embodiment different services are described 
which are made accessible from KTJTs (KTH = "Kungl. 

15 Tekniska Hdgskolan" , i.e. "The Royal Institute of 

Technology") documentation system (LADOK) via Internet, 
provided that one has authorization to get access to these 
services. 

Some abbreviations which will turn up continuously in 
20 the description now will be explained: 



25 



30 



CA Certification Authority 

CGI Common Gateway Interface 

LADOC Local, ADP-based Documentation 
System; KTH's equivalent to 
Uppsala University's UPPDOK. 
MIME Multipurpose Internet Mail Extensions 
NSAPI Netscape Server Application 

Programming Interface 
URL Uniform Resource Locator 
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The intention now will be described with reference to 
Figure 1 - 

The system according to the present invention consists 
of a computer 3, with a Web-server (called the server 
5 computer) , one or more computers 1 with a WWW-browser and a 
card reader for smart cards. In addition all included 
computers 1 shall be connected to Internet. The client 
computer 1 includes a safety software 2 . 

Smart cards are personal cards with storage, processor, 
10 operative system etc. In these are the private key which is 
needed for signing and encryption and furthermore a 
certificate of X.50 9 standard. The certificate includes 
among other things the user's public key, CA's open key, 
information about the person etc. The card is an electronic 
15 identity document which in addition gives possibility to 
create personal electronic signatures which are unique to 
each person and card. The authenticity of the signature is 
possible to check by all levels which have access to the 
person's open key. This key can be obtained from a trusted 
20 authority on the network. 

On the server side a service application 4 is conneced 
to the database LAD0K 6, which service application includes 
a safety software 5. 

The invention consequently implies to make services 
25 from LADOK accessible via Internet. Other services can, as 
has previously been mentioned, be arranged on the network 
with the same technology, for instance banking services, 
booking of journeys etc. 

The service client 1 creates a signed message by an 
30 API-call to the safety software 2 f where the message is 
given as parameters. The client 1 waits for answer which 
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can be: signed message or type of error. If a signed 
message arrives at the client 1, this shall be packed into 
a structure and transmitted over the network (WWW) to the 
service application 4 via the Web- server 3 for that 
5 machine. The service application 4 disassembles the 

structure and transmits the user identity and the signed 
message to the safety software 5 for verification. The 
verification shall give OK or error code. If OK is 
received, the application 4 shall transmit the message and 

10 user identity to LADOK 6 for preparation, otherwise user 
identity and message shall be logged. The application 4 
waits for answer from LADOK " s 6 output or input process and 
returns this answer to the service client 1 via the 
network. The answer can be in ordinary text /html -form, or 

15 of some MIME- type , so a plug- in unit (not shown) can be 
started on the client side 1 . 

The answer shall include a description of how the work 
shall be possible to be extended for encryption in both 
directions. 

20 In the started plug- in unit in the Web-browser at the 

server client 1 then all information which shall be 
transmitted to LADOK 6 is fed in, which information is 
encrypted directly in the plug- in unit. Signing of 
information/document is preferably made by a client 

25 utilizing an active card with personal code and a card 
reader connected to said plug-in unit. When encrypted 
information is coming in from LADOK 6 to the service 
client's computer 1, the information is decrypted in the 
plug- in unit. 

30 If, however, a general software is made which supports 

HTML- form management and certain extensions, then customer 
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adapted safety critical applications can be written with 
very small contribution of work. The client side gets one 
copy of the program (possibly automatically downloaded) . 
The side which contains the extended form then starts the 
5 program to show the content. The program "parses" the 

extended HTML- form language and shows the content on the 
scre en. When the user has made all the "feeding" and makes 
"submit" , then all data is packed, signed and encrypted. No 
programming is needed for the clients and these moreover 
10 can use the same client software for a number of different 
applications. 

On the server side there is a need of some programming, 
but with a Software Development Kit which has been 
developed (empty frame program), it is only the customer 
15 unique programming that needs to be added. 

Extension implies that all communication over the 
network shall be encrypted. 

The signatures shall be possible to be created by means 
of smart cards. If the deliveries of these cards are 
20 delayed, the signatures will, to begin with, be created in 
software . 

In the following, preferred protocols and commands 
which are necessary to implement the embodiment will be 
discussed. 

25 By network protocol is meant the protocol which is used 

between the Web-server and the Web-browser. 

The service client 1 should transmit a tuple with the 
following appearance to the service application 4 : 
Application=SECUNET&Ver=versionnumber& . . . 
30 for instance 



WO 98/17029 



9 



PCT/SE97/0ltl3 



Application=SECUNET&Ver=l . 00&Type=Sign&UserCert= . . . & 
Msg= . . . &Signature= ... 
where 

• Version number is a serial number of the type (in 
5 pseudo C-code) 

("%D.0%2D" , major, minor). 

• Type is a string which describes the type of the 
message, can be 

• Normal 
10 • Sign 

• Encrypt 

• Sign&Encrypt 

• . . other types 

• The user certificate is the certificate from the 
15 smart card . 

• The messsage should be a URL- encoded string of all 
information that exists in the INPUT- fields in 
the form. 

• Signature should be a URL- encoded string of the 
20 signature . 

To the version number there shall be a mapping which 
decides the number of fields and what each field contains. 
This makes it easier to make changes in the protocol. There 
shall be a mapping for each type of protocol. If the 

25 receiving application cannot manage the type of protocol, 
it shall return an error code, preferably in HTML- form. 

If URL-encoding is used and the protocol looks as 
above, existing CGI -programs can be utilized as basis for 
server applications. All binary data which shall be 

30 transmitted should be URL-encoded before it is transmitted 
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over the network. It should be realized that this applies 
to certificates, signatures and encrypted data. 

The service client 1 shall extend the functionality of 
some type of WWW-browser making it manage signing, 
5 encryption, authentication and verification. As Netscape 
Navigator 2.0+ is expected to be widely spread, and as a 
lot of companies develop so called plug- in units for 
Navigator, that type of technology shall be used. 

A plug- in unit shall be produced which can give 
10 possibility to read an input from the network (a URL), show 
it to a client, interact with the client, and finally 
transmit the result over the network, preferably in the 
same form as FORM (see the HTML -document at ion) makes use 
of. The plug-in unit shall be associated with the MIME- 
15 type: application/x-secunet and file extensions: .secunet 
and .sec if these are not engaged. 

Registration of MIME-types shall be made at Netscape by 
the agency of Telia Promotor. 

The input which the plug- in unit is expected to read 
20 shall consist of a subset of HTML. This language should 
contain the following commands (with approximately 
correspondning semantics as at HTML) : 

<P> 

25 <BR> 

<HR> 

<H1>...<H4>, </Hl... </H4> 
<A . . . > , </A> 
< SELECT . . . > 
30 <FORM...> / </FORM> 
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and the following commands with extended semantics: 
>INPUT. . . > 

Input shall be able to take an extra parameter: 
5 EXTENDED. This parameter only need to have well-defined 

semantics about TYPE=SUBMIT when it indicates how the form 
shall be transmitted: 
ENCRYPT 
SIGN 

10 SIGN and ENCRYPT 

. . .possible future extensions 
When corresponding button in the form is activated, 
suitable routines shall be called to process the indata 
which are in the form, before these are transmitted to the 
15 URL described in <FORM...>. 

All options which exist to each HTML-command need not 
be implemented, but only those which are necessary to make 
communication, interaction with the user and signing to 
function. 

20 The client shall be possible to be run under MS Windows 

3.x and MS Windows 95/NT with Netscape Navigator. Which 
version that will be required on Navigator is to be 
determined by the application. Because Microsoft's Internet 
Explorer has launched the same API as there is in Netscape 

25 Navigator, the plug-in unit probably will function with 
that software as well, but this is no demand. 

To make it possible to find out whether a message which 
is coming to the plug- in unit is an encrypted or a common 
message, the following protocol identifier (or 

30 corresponding) should be used: 
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<HTML> 
or 

<SECUNET VERSION=ver TYPE=type> 
where "ver" indicates the version number of the protocol 
5 and "type" indicates the type of the message, which for 
instance is encrypted or is signed. Lack of protocol 
identifier should be interpreted as if the message is of 
the type normal. 

This is only for the purposse of facilitating a future 
10 extension of the system. 

The service application 4 shall function as a CGI- or 
NSAPI-program (or corresponding) which shall receive 
messages which the service client 1 transmits. 

The version field shall be controlled in order to see 
15 whether the service application 4 can manage the protocol. 
If the version control fails, the program shall return an 
error code in HTML- form. In other case the type of the 
message shall be controlled in order to see if verification 
and/or decryption must be performed. Verification/ 
20 decryption, if any, shall be performed, and if it succeeds, 
all parameters shall be transmitted to the product unique 
LADOK-code, otherwise the parameters, user identity, if 
any, and signature, if any, shall be logged. As person 
identifier shall be used civic registration number, if this 
25 is accessible on the smart card, in the certificate or in 
another safe place. 

If there is no civic registration number on the card, 
authentication only can be made if there is a safe mapping 
between the certificates and the civic registration 
30 numbers, in for instance LADOK. 
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If the verification succeeds, it does not mean that the 
user is allowed to do what he/she likes in the system, but 
only that the identification is confirmed, so loggings, if 
any, of users who neglect their duties in LADOK must be 
5 made in the LADOK- system. 

The following services shall be implemented: 

• Show the five latest reported courses /moment s . No 
inparameters . Returns at the most five courses 
(course code) and mark. 

10 • Show status for a certain course . Inparameter 

course code, six characters. Returns mark for the 
course . 

• Show sum of passed course points. No inparameters. 
Returns number of passed points, at the most four 

15 characters . 

• Show certificate of studies to fax or printer. In- 
parameter fax number/printer number. Returns 
OK/error . 

To the above it possibly can be necessary to include 
20 civic registration number. If a transaction code to map 

course code to course name is made accessible, the server 
will return course name instead of course code. 

The code shall be possible to be run on machines with 
the operative systems UNIX or Windows NT and must not be 
25 depending on a special Web- server. However, it is 

sufficient if the system functions with a few different 
Web- servers (two or more) . Parts of the code which are 
written uniquely for a certain operative system shall be 
documented separately to facilitate porting. 
30 The application is programmed in such a way that it is 

easy to adapt the solution to new problems and should not 
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be written uniquely for LADOK. Parts which are unique to 
LADOK shall be divided into own source codes to facilitate 
reuse of the parts in common. 

What has been described above is only to be regarded as 
an advantageous embodiment of the invention, and the scope 
of protection of the invention is only defined by what is 
indicated in the following patent claims. 
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PATENT CLAIMS 

1. Device including a service client computer (1) and a 
WWW-browser at a telecommunications system or a data 
communications system which makes possible signing and 
5 encryption of information which is transmitted between a 
transmitting equipment and a receiving equipment, 
characterized in that a software for signing 
and encryption by means of software or smart cards is 
linked together with a software which shows text, data 
10 entry fields, buttons and icons, etc, which linked up 

program is arranged to be utilized as a plug- in unit or a 
Java-unit in said WWW-browser, at which all information 
to/from said service client computer (1) is 

decrypted/encrypted in said plug-in unit or said Java-unit. 
15 2. Device according to patent claim 1, 

characterized in that said service client 
computer (1) includes a safety software (2) for 
verification of said signature. 

3. Device according to patent claim 1 or 2 , 

20 characterized in that said service client 

computer (1) is connected to a card reader, at which a user 
of said service client computer (1) identifies 
himself /herself by means of an active card together with a 
personal code, at which said active card includes a private 

25 key, which is needed for signing and encryption, and a 

certificate including a public key and personal data etc. 

4. Method which utilizes a service client computer (1) 
and a WWW-browser at a telecommunications system or a data 
communications system for signing and encryption of 

30 information which is transmitted between a transmitting and 
a receiving equipment, characterizedin that a 
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software for signing and encryption by means of smart cards 
or by means of software is linked together with a software 
which shows text, data entry fields, buttons and icons, 
etc, which linked up program is utilized as a plug-in unit 
5 or Java-unit in said WWW-browser, at which all information 
to/from a user of said service client computer (1) is 
decrypted/encrypted in said plug-in unit or said Java-unit. 

5 . Method for verification of a user of the service 
client computer (1) according to the patent claim 4, 
10 characterized in that it includes the steps 
that: 

a) the user of the server client computer (1) creates a 
signed message by an API -call to the safety software (2) , 
where said message is given as parameter, at which the 

15 service client computer (1) receives answer as "signed 
message" or "type of error". 

b) if a signed message arrives at the service client 
computer (1) the message shall be packed into a structure 
and be transmitted over the WWW-network to a service 

20 application (4) via a Web-server (3) for the service client 
computer (1), at "type of error", the message is logged; 

c) service application (4) disassembles the structure 
and transmits the user identity (AI) and the signed message 
to a safety software (5) for verification, at which the 

25 safety software (5) verifies the user or gives error code; 

d) at verification the service application (4) 
transmits the message and user identity to the database (6) 
to which the service client (1) wants access; at error code 
user identity and message are logged. 
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e) the service application (4) receives verification 
answer from said database (6) and returns this answer to 
the service client computer (1) via the WWW-network; 

f) the answer which said service client computer (1) 
5 receives is of a text /html -form or of MIME-type, whereby 

said plug- in unit or Java-unit starts in said WWW-browser 
in the service client computer (1) . 

6 . Method according to patent claim 5 , 
characterizedin that said answer from said 
10 database (6) includes a description of how it shall be 

possible to extend information transmission for encryption 
in both directions. 
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